Test ID:	1.3.6.1.4.1.25623.1.0.63950
Category:	Mandrake Local Security Checks
Title:	Mandrake Security Advisory MDVSA-2009:108 (zsh)
Summary:	The remote host is missing an update to zsh;announced via advisory MDVSA-2009:108.
Description:	Summary: The remote host is missing an update to zsh announced via advisory MDVSA-2009:108. Vulnerability Insight: A stack-based buffer overflow was found in the zsh command interpreter. An attacker could use this flaw to cause a denial of service (zsh crash), when providing a specially-crafted string as input to the zsh shell (CVE-2009-1214, CVE-2009-1215). The updated packages have been patched to prevent this. Affected: 2008.1, 2009.0, Corporate 3.0, Corporate 4.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. CVSS Score: 4.9 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:N/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2009-1214 BugTraq ID: 34521 http://www.securityfocus.com/bid/34521 http://savannah.gnu.org/bugs/?25296 http://www.openwall.com/lists/oss-security/2009/03/25/7 XForce ISS Database: screen-screenexchange-info-disclosure(49886) https://exchange.xforce.ibmcloud.com/vulnerabilities/49886 Common Vulnerability Exposure (CVE) ID: CVE-2009-1215 XForce ISS Database: screen-screenexchange-symlink(49887) https://exchange.xforce.ibmcloud.com/vulnerabilities/49887
Copyright	Copyright (C) 2009 E-Soft Inc.

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.